Trouble sending email from Wayne Connect to Hotmail?

If you have sent an email from your Wayne Connect account to a Hotmail, MSN, or Live.com email address within the past week, you probably had it bounce back as “undeliverable.” That’s because these email providers have flagged Wayne Connect as a source of spam.

How did this happen? It’s the result of a long chain of events:

  1. Spammers send phishing messages to Wayne Connect accounts. Some users — even a handful– take the bait and send in their AccessID and password
  2. Or, the spammers used passwords from LinkedIn accounts to break into a Wayne Connect account — because the Wayne Connect user’s passwords were identical on both systems
  3. Spammers use the compromised AccessIDs to send millions of spam messages
  4. Spam recipients report spam to Real-Time Blackhole List (RBL) services such as SpamCop
  5. Multiple reports to the RBL service “confirm” that Wayne Connect is a spam source, and it is placed on the RBL.
  6. Email providers check the RBL to make a quick decision about an incoming message that originated from Wayne Connect. If Wayne Connect is on the RBL, they bounce the message and send some cryptic info mentioning SMTP Error 550.
  7. Wayne Connect support staff is alerted about the RBL status; locate the compromised Wayne Connect accounts and close them down; then contact the RBL services to remove Wayne Connect’s entry.
  8. The RBL services wait several days to process the request, to make sure that the spam has truly stopped.
  9. Email resumes flowing again after Wayne Connect is removed from the RBL services.

As you can see, even if just a few people are victimized by spammers, it can spell trouble for many other Wayne Connect users.  You can help by being vigilant when handling your email. Here are some good tips to remember (adapted from Microsoft’s Safety & Security Center):

  • Before you click, preview a link’s web address. Move your mouse pointer over a link without clicking it. The address should appear on the bottom bar of your web browser. Official Wayne State web addresses always end in wayne.edu
  • Check the spelling. Spammers often use deliberate, easily overlooked misspellings to deceive users. Examples that we have seen include wanye.edu and waney.edu
  • Carefully evaluate contact information in email messages. Watch out for spelling errors or if no phone number provided. One recent phish used the non-existent email address customerservice@wayne.edu — which looks legitimate, but no phone number was provided.

If you have found a phish — report it! Just follow these simple instructions on WSU’s IT Knowledgebase.

If you’re in doubt, just leave the email message alone and contact the C&IT Help Desk 313-577-4778.

If you want to learn more ways to identify phish, check out our Is an email legitimate? guide.

Got questions? Post them below!

Phish in an Envelope

C&IT’s security staff learned about a new form of phishing that has been spotted at several universities, and we want you to be aware of the technique that the Bad Guys are using.

A small number of people at multiple sites are getting physical mail, not email, indicating a possible security issue they should be aware of.  Details are supposedly included on an enclosed DVD.  Individuals targeted range from upper management to researcher/student assistant. Nobody is safe.

The DVD contains an executable you are supposed to run that contains the details.  In reality it contains a trojan horse that snaps a screenshot every few seconds and uploads it to a remote command/control site. The malware runs as the user, and isn’t picked up by antivirus.

If you receive such a package, please get in contact with C&IT as soon as possible.  DO NOT insert the DVD into your system.  If you have any questions, please contact the C&IT Help Desk at 313-577-4778 or helpdesk@wayne.edu

New VZW Email Phishing Scam

Be on the lookout!  A new email scam has been going around recently, and the scammers are getting more and more creative in trying to get your information:

 

At first glance, it appears that a gigantic payment of close to $1700.00 was made to a Verizon Wireless account.  While not everybody has a cell phone thru Verizon, their large market share ensures that a LOT of people will take a look at this message and think that something has gone horribly awry.  Clicking on the “Manage Your Account Online” link will load up some nasty JavaScript that will really ruin your day.

Common tips to always keep in mind:

  • Beware of misspellings, broken links or undisplayed images in emails.
  • Hover over email links to see if they will take you to reputable sites.  In this case, hovering over the link brings you to:
  • Visit websites by typing their address directly into your browser bar.  Avoid clicking email links if you are not expecting them!
  • If something seems too good or too strange to be true, it probably is.  Proceed with caution!